System and method for managing secure communications in an Ad-Hoc network

ABSTRACT

The present invention provides a system and method for managing secure communications in an ad-hoc network having three or more users including a first user, a second user and a third user. Each user is associated with at least one communication device, and has a set of keys associated with the user for managing secure communications between the at least one communication device of the user and the at least one communication device of another one of the three or more users. Each set of keys includes a private key and a public key, where the public key is shared with the communication device of the other ones of the three or more users with which the user has been authenticated, and the private key is used to decrypt communications encrypted using the corresponding public key from the same set of keys. When the second user of the three or more users has been authenticated by the first user, in addition to receiving the associated public key of the second user, the first user receives a value defining a share authority level, which defines the authority of the first user relative to the second user to provide peer key sharing with the third user.

FIELD OF THE INVENTION

The present invention relates generally to a system and method formanaging secure communications in an ad-hoc network, and moreparticularly, to peer key sharing of third party public keys notinvolved in the current communication transfer.

BACKGROUND OF THE INVENTION

Many conventional forms of communication networks are built on theavailability of centrally managed infrastructure including accesspoints, routers and servers, where the individual participantscommunicate with the network and other individual users through thenetwork. In such an instance, security relative to any particular userand their corresponding communications is managed by the network, wherethe users do not generally communicate directly with each other. In suchan instance, each user communicates with the network, and the networkmanages the routing of the communication to its proper destination.

However such a communication environment requires the establishment andmaintenance of the network infrastructure, which is often geographicallyfixed, in the areas where communications are desired, and which furtherrequire support for a communication capacity that is desired by theusers. In some instances, access to the network may come with afinancial cost to the user, whether there is a cost for accessing thenetwork and/or a cost associated with the amount of information beingcommunicated. Because an established infrastructure that is available toa particular user is not always present, or because it can be moreeconomically beneficial to do so, users may sometimes wish to establishan ad-hoc network, where the users communicate more directly with theirintended targets on a peer-to-peer basis without the control orintervention of a centralized agent. However in such instances,alternative provisions may need to be made for security that hadpreviously been handled by a pre-established network infrastructure.

An ad-hoc network is defined as a decentralized type of network thatdoes not rely upon pre-existing infrastructure. Networking functionspreviously provided by a pre-existing fixed network infrastructure wouldnow need to be handled by the network participants, sometimes referredto as nodes or peer devices. While in some instances, each node cansometimes have relatively equal status, in other instances one or moreparticular nodes can assume a greater level of control or management.For example, in WI-FI Direct, a group owner can be established. In suchan instance, the group owner may function similar to an access point,and thereby enable operability with other WI-FI devices that may nototherwise support WI-FI Direct. As a further example, Bluetooth® allowsfor the establishment of a piconet, where in general, the entityestablishing the piconet often becomes the master that can talk to oneor more associated slave devices in point-to-point orpoint-to-multi-point fashion.

Ad-hoc networks, and more specifically, wireless ad-hoc networks can beeither open or secure. Open networks, generally, allow for unrestrictedaccess which can compromise privacy. Secure connections will oftenrequire users to undergo some form of provisioning or pairing, which caninclude a device accepting a requested connection, so as to acknowledgethat the user knows the other party. Once acknowledged, devices canoften connect or reconnect to each other without a subsequent prompt ornotification on either device. In some instances, the same set ofcredentials may need to be used across all groups or other peer devices,which may be governed by the amount of L2 passwords that can be created.As such, separation of peers may not be feasible. Furthermore, thesepasswords can be tied to a particular device, and hence not portableacross multiple devices owned by the same person. As such, a particularowner may need to separately authenticate each of their devices relativeto each of the ad-hoc networks in which the owner may want toparticipate.

Furthermore, where previously there may have been a single communicationconnection to manage, between a particular user and the networkinfrastructure, in an ad-hoc or peer-to-peer environment, a particularuser may now need to manage multiple connections with multiple differentother users.

Correspondingly, the present inventors have recognized that it would bebeneficial to manage the trust defined between different users to extendthe relationship to other users without necessarily requiring the userto manage each potential relationship individually. In turn, theapplicant has recognized that it may be further beneficial to provide avalue defining a share authority level, that can be used to provide peerkey sharing in qualifying circumstances.

SUMMARY OF THE INVENTION

The present invention provides a system for managing securecommunications in an ad-hoc network. The system includes three or moreusers including a first user, a second user and a third user, each userbeing associated with at least one communication device, and having aset of keys associated with the user for managing secure communicationsbetween the at least one communication device of the user and the atleast one communication device of another one of the three or moreusers. Each set of keys includes a private key and a public key, wherethe public key is shared with the communication device of the other onesof the three or more users with which the user has been authenticated,and the private key is used to decrypt communications encrypted usingthe corresponding public key from the same set of keys. When the seconduser of the three or more users has been authenticated by the firstuser, in addition to receiving the associated public key of the seconduser, the first user receives a value defining a share authority level,which defines the authority of the first user relative to the seconduser to provide peer key sharing with the third user.

In at least one embodiment, peer key sharing of the public key of thesecond user by the first user with the third user includes aconsideration of the value defining the share authority level relativeto the second user, and a level of trust between the first user and thethird user.

The present invention further provides a method for managing securecommunications in an ad-hoc network. The method includes identifying aplurality of users to be included as part of an ad-hoc network, eachuser being associated with at least one communication device, and havinga set of keys associated with the user for managing securecommunications between the at least one communication device of the userand the at least one communication device of another one of theplurality of users. The identified plurality of users are thenauthenticated including exchanging public keys and verifying theidentity of the plurality of users, where authenticating furtherincludes exchanging a value defining a share authority level. Adetermination is then made as to whether a level of trust associatedwith the exchanged share level authority enables a first user to providepeer key sharing of a public key of a second user with a third user, andif so, sharing by the first user the public key of the second user withthe third user.

The present invention still further provides a communication device foruse in an ad-hoc network providing secure communications. The deviceincludes a communication unit including a receiver, and a transmitter.The device further includes a storage unit for storing one or more setsof keys including a public and private key of the user of the device,public keys for each of the other users forming the ad-hoc network, anda share authority level for one or more of the other users forming thead-hoc network, which defines the authority of the user of thecommunication device relative to the respective one or more other usersfor providing peer key sharing with another user. Still further, thedevice includes a controller adapted for identifying a plurality ofusers to be included as part of the ad-hoc network, authenticating theidentified plurality of users including exchanging public keys andverifying the identity of the plurality of users, and determiningwhether a level of trust associated with a received share levelauthority enables the user of the communication device to provide peerkey sharing of a public key relative to the respective one or more otherusers for providing peer key sharing with another user, and if so,sharing by the user the public key of the one or more other users withanother user.

These and other objects, features, and advantages of this invention areevident from the following description of one or more preferredembodiments of this invention, with reference to the accompanyingdrawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an exemplary ad-hoc network includingmultiple users and corresponding one or more wireless communicationdevices associated with each user;

FIG. 2 is a block diagram of a wireless communication device for use inan ad-hoc network, illustrated in FIG. 1;

FIG. 3 is a first part of a message sequence diagram for establishing acommunication connection in an ad-hoc network;

FIG. 4 is an example of an identicon;

FIG. 5 is a second part of a message sequence diagram for establishing acommunication connection in an ad-hoc network;

FIG. 6 is a node diagram for a plurality of nodes including a set ofnodes post connection as part of an ad-hoc network, as well as at leastone node pre-connection;

FIG. 7 is an exemplary node diagram illustrating peer public keysharing, where the value of the share authority level allows sharingbetween users having trust with the conveying user; and

FIG. 8 is a flow diagram of a method for managing secure communicationsin an ad-hoc network.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)

While the present invention is susceptible of embodiment in variousforms, there is shown in the drawings and will hereinafter be describedpresently preferred embodiments with the understanding that the presentdisclosure is to be considered an exemplification of the invention andis not intended to limit the invention to the specific embodimentsillustrated.

FIG. 1 illustrates a block diagram of an exemplary ad-hoc network 100including multiple users 102 and corresponding one or more wirelesscommunication devices 104 associated with each user. In the illustratedembodiment, the communication devices 104 are able to communicatewirelessly with the other communication devices 104. Users A, B and Dare shown having one corresponding wireless communication device. User Cis shown having a pair of associated wireless communication devices.

The wireless communication devices 104 can include any device adapted tocommunicate with another device. A couple of examples can include aradio frequency telephone, a tablet, a personal computer, a cellulartelephone, a cordless telephone, a selective call receiver, an audioplayer, a gaming device, a set top box and a personal digital assistant.However one skilled in the art will appreciate that the presentinvention could also be used with many other types of devices, withoutdeparting from the teachings of the present invention, as increasinglymore and more devices are being equipped with wireless communicationcapabilities for which the present application may be suitable includinginstances where it is desirable for the device to form and communicatewithin an ad-hoc network. At least a couple of examples of differenttypes of ad hoc networks include a WI-FI Direct or a Bluetooth® typenetwork. An ad hoc network has been identified as typically referring toany network where all of the devices can have relatively equal status,and where the devices are free to associate and more directlycommunicate with other ad hoc network devices within communicationrange.

Generally, the ad hoc network does not rely on a pre existinginfrastructure, and as such data is conveyed in peer-to-peer fashionbetween various users without using an intermediate server. However, anyparticular communication may rely on multiple hops between its sourceand destination, such that a communication can be conveyed between twodevices not directly linked.

FIG. 2 illustrates a block diagram of a wireless communication device200 for use in an ad-hoc network, illustrated in FIG. 1. Morespecifically, the wireless communication device 200 may correspond toone or more of the wireless communication devices 104, illustrated inFIG. 1.

The wireless communication device includes a communication unit 206coupled to an antenna 208. In the illustrated embodiment, thecommunication unit 206 includes a transmitter 210 and a receiver 212. Inat least some instances, the communication unit 206 might take the formof a transceiver, which supports both transmission and receipt of awireless signal via the associated antenna 208. The communication unit206 is coupled to a controller 214. In addition to a controller 214, thecommunication device 200 additionally includes a user interface 216 anda storage unit 218. The storage unit 218 is adapted for storing one ormore sets of keys 220, as well as share level authority values 222. Thecontroller 214 includes a processor 224, which includes a plurality ofmodules, which in connection with at least some embodiments, are in theform of one or more sets of prestored instructions 226, which areexecuted by one or more microprocessors. More specifically, theprocessor 224 includes an identification module 228, an authenticationmodule 230, and a peer key sharing module 232. The authentication module230 further includes a key exchange module 234 and an identityverification module 236.

The identification module 228 is adapted for identifying a plurality ofusers to be potentially included as part of an ad-hoc network. Theauthentication module 230 is adapted for authenticating the identifiedplurality of the users including exchanging public keys by the keyexchange module 234 and verifying the identity of the plurality of usersby the identity verification module 236. The peer key sharing module 232determines whether a level of trust associated with a received sharelevel authority enables the user of the communication device to providepeer key sharing of a public key relative to the respective one or moreother user for providing key sharing with another user. If so, thedevice 200 shares the public key of the one or more other users with thedevice of another user.

In the same or other instances, the controller 214 may additionally oralternatively incorporate state machines and/or logic circuitry, whichcan be used to implement at least partially, some of modules and theircorresponding functionality.

The storage unit 218 can include one or more forms of volatile and/ornon-volatile memory, including conventional ROM, EPROM, RAM, or EEPROM.The storage unit 218 may still further incorporate one or more forms ofauxiliary storage, which is either fixed or removable, such as a harddrive or a memory stick. One skilled in the art will still furtherappreciate, that still other further forms of memory could be usedwithout departing from the teachings of the present invention includingmemory resources that might be made available from a remote ordistributed source, such as the cloud.

FIG. 3 illustrates a first part 300 of a message sequence diagrambetween two potential users 102 and their corresponding wirelesscommunication devices 104 for establishing a communication connection inan ad-hoc network 100. Devices that intend to participate in acommunication connection, such as an autonomous connection, need tofirst discover 338 each other. This may be accomplished by one of thedevices sending out a probing signal, while the other device islistening. In order to reduce the required time for listening for aprobing signal, it is possible for the devices to be time-synchronized,and that there be an understanding that any probing signal would occurwithin a particular time interval that the other devices are designatedto be actively listening for such a signal. A time reference from acommon server could be used to synchronize the time of the multipledevices, and correspondingly for identifying the period of time duringwhich discovery signaling might take place.

If during the discovery window, a probing signal is detected fromanother device, then the wireless communication devices finding anotherpeer 340 can follow up with further communications. For example, afollow up service exchange 342 might establish the type of signalingand/or parameters to be used in subsequent communications.

Generally, in response to finding another device, the devices willexchange identifying information 344 with user A identifying himself anduser B identifying herself. Upon learning of the other device'sidentity, the respective device will look 346 to see if it already has astored public key for the other user. If no corresponding key is found,then the device will request 348 a key for the other user. The otheruser will then return 350 with the requested key.

The device receiving the new key can then verify the identity of thereceived key in order to avoid the possibility that another device mayhave attempted to impersonate the other user by responding with theirown key. The user of the device receiving the new key can verify 352 theintegrity of the received key by comparing the received data in some waywith the user from which he expected to receive the key. In at least oneembodiment, the received key can be used to produce an identicon on eachof the recipient device and the originating device, in order to providea quick visually verifiable match.

An example of an identicon 400 is illustrated in FIG. 4. In theillustrated embodiment, the identicon is a 100 by 100 pixel image, thatincludes various repeating shapes at different orientations. While notreproduced in the illustrated example, the color of the produced imagecan also be used to convey additional information. Other examples ofconfirming information can include a determined sequence of audio notesderived from the key value sent and received, which is to be played andcorrespondingly compared between both the sender and the receiver of thekey. In order for such a visual or audio verification to take place, itmay be necessary for the users to be proximate to one another.

Upon verifying 352 the integrity of the received key, the devicereceiving the key can store 354 the same and associate it with thereceived identity of the newly discovered user. Once the devices thatintend to connect have each other's keys (either through the exchangedescribed above or through a previous exchange resulting in the storingof keys), they may proceed to authenticate 556 each other by issuingchallenges with a random nonce. FIG. 5 illustrates a second part 500 ofa message sequence diagram for establishing a communication connectionin an ad-hoc network. For example, a random nonce can be encrypted byuser A using user B's public key, which would enable the private keystored in user B's device to decrypt the nonce. User B could thenrespond with a further encryption of the decrypted nonce, using user A'spublic key, which when decrypted by user A using the private key of userA should result in a decrypted result that matches the original nonce.User B could similarly initiate a similar exchange, where if both setsof communications result in a respective matched nonce, then theauthentication of the exchanged keys can be verified.

Upon successful authentication 556 of the other user, each user cangenerate 558 a group owner password, that can then be exchanged 560.Each group owner password can then be stored 562, and upon election of agroup owner for the ad-hoc network, a password based connection can bemade 564 using the appropriate group owner password. At this point thetwo devices are now part of a group post connection, which have a trustrelationship. Such a group can include still further users.

FIG. 6 illustrates a node diagram 600 for a plurality of nodes includinga set of nodes post connection 668 as part of an ad-hoc network, as wellas at least one node pre-connection 670. Post connection 668 indirectsharing of public keys may be more liberally made between members B-G,which presumably have a sufficient level of trust corresponding to theirjoint presence within a common group. Nevertheless there may be limitsas to how many hops away a public key may be shared, that may be definedby one or more of the users. In order to share the keys, a communicationcan be made by an intervening user, whereby the relayed keys could besigned by the intervening user to track and preserve the source of theshared information.

After authenticating a mobile device in proximity via a trusted device,it may be desirable for a group owner to be able to share the profilesof the wireless ad hoc group members. In turn, this may make it easierto re-form a mobile ad hoc network, form a new mobile ad hoc groupconsisting of a subset of previous group members, or add new trustedmobile devices in proximity.

It is further possible for public keys to be shared pre-connection 670,in certain circumstances. It is envisioned that as part of theauthentication process that the user, in addition to sharing theirpublic key, might also convey a value corresponding to a configurableshare authority level. The corresponding value might allow a first user772 to share the public key of a second user 774 with a third user 776.For example, if the second user trusts 778 the first user and the firstuser trusts 780 the third user, then in at least some circumstances thefirst user may convey 782 the public key of the second user to the thirduser. FIG. 7 illustrates an exemplary node diagram 700 illustrating peerpublic key sharing, where the value of the share authority level allowssharing between users having trust with the conveying user.

FIG. 8 illustrates a flow diagram 800 of a method for managing securecommunications in an ad-hoc network. The method includes identifying 884a plurality of users to be included as part of an ad-hoc network, eachuser being associated with at least one communication device, and havinga set of keys associated with the user for managing securecommunications between the at least one communication device of the userand the at least one communication device of another one of theplurality of users.

By associating the set of keys with the user as opposed to a particulardevice of the user, then the user can avoid needing to separately managethe relationship of their devices relative to each of the groups.However in such an instance it will be beneficial for the user to usethe same set of keys for each of their devices. The private key itselfis typically stored in the secure storage area of each device. In atleast some embodiments, provisions may be made which allow a user toextract the keys from one of their devices and provide the private keysto another one of their devices. In such an instance it may bebeneficial for the exchange to require that the two devices be proximateto one another, and that the user confirm a secure storage passwordassociated with the stored private key at the sender side.

The method illustrated in FIG. 8 further includes authenticating 886 theidentified plurality of users including exchanging public keys andverifying the identity of the plurality of users, where authenticatingfurther includes exchanging a value defining a share authority level. Adetermination 888 is then made as to whether a level of trust associatedwith the exchanged share level authority enables a first user to providepeer key sharing of a public key of a second user with a third user, andif so, sharing by the first user the public key of the second user withthe third user.

Once an ad hoc group is established using the method and systemdisclosed herein, it may be further beneficial to use the group todistribute a notice of a social networking event, such as the birthdayof one of its members, to members of the wireless ad hoc network thathave established an element of trust. The nature of the ad hoc group andcorrespondingly the nature of the trust between group members can beused to determine which members are within the vicinity for which itmight be more beneficial to be made aware of the corresponding socialevent. In this way, it may be possible to avoid the use of other formsof location identifying services, in order to determine the appropriateindividuals to notify.

The fact that the present invention has been described relative to an adhoc environment does not preclude the users from making use of a networkinfrastructure and/or cloud resources for supporting variousfunctionality when they may be available. Furthermore, a time stampcould be associated with one or more shared keys which might be used todefine an expiration period for use in revoking the correspondingpreviously provided keys.

While the preferred embodiments of the invention have been illustratedand described, it is to be understood that the invention is not solimited. Numerous modifications, changes, variations, substitutions andequivalents will occur to those skilled in the art without departingfrom the spirit and scope of the present invention as defined by theappended claims.

What is claimed is:
 1. A system for managing secure communications in anad-hoc network, said system comprising: three or more communicationdevices associated with three or more users including a first user, asecond user and a third user, each user being associated with at leastone communication device, and having a set of keys associated with anassociated user of at least one of the three or more communicationdevices for managing secure communications between the at least one ofthe three or more communication devices of the associated user and theat least one of the three or more communication devices of another oneof the three or more users; wherein each set of keys includes a privatekey and a public key, where the public key is shared with thecommunication device of the other ones of the three or more users withwhich the user has been authenticated, and the private key is used todecrypt communications encrypted using the corresponding public key fromthe same set of keys; and wherein when the communication device of thesecond user of the three or more users has been authenticated by thecommunication device of the first user, in addition to receiving theassociated public key of the second user, the communication device ofthe first user receives a value defining a share authority level, whichdefines the authority of the first user relative to the second user toprovide peer key sharing of the public key of the communication deviceof the second user with the communication device of the third user.
 2. Asystem in accordance with claim 1, wherein the associated communicationdevices of the three or more users are peer-to-peer communicationdevices.
 3. A system in accordance with claim 1, wherein the ad-hocnetwork is an ad-hoc wireless communication network, and the associatedcommunication devices of the three or more users are wirelesscommunication devices.
 4. A system in accordance with claim 1, whereininitially sharing a public key of a set of keys associated with aparticular user as part of authenticating the particular user, the userof the communication device within which the public key of theparticular user is being received is located proximate the particularuser, in order for the user of the device within which the public key ofthe particular user is being received to visually verify the identity ofthe particular user.
 5. A system in accordance with claim 4, wherein theuser of the communication device within which the public key of theparticular user is being received confirms visually an integrity of thereceived public key by comparing an identicon produced by thecommunication device within which the public key of the particular useris being received using the received public key with the identiconproduced by the communication device of the particular user using thesame public key.
 6. A system in accordance with claim 1, wherein when aparticular one of the three or more users has more than one associatedcommunication device, each of the more than one communication devicesassociated with the particular user share the same set of keys.
 7. Asystem in accordance with claim 6, wherein more than one communicationdevices associated with the particular user share the same private keyvia a secure direct communication, when the more than one communicationdevices associated with the particular user are proximate one another.8. A system in accordance with claim 1, wherein peer key sharing of thepublic key of the second user by the first user with the third userincludes a consideration of the value defining the share authority levelrelative to the second user, and a level of trust between the first userand the third user.
 9. A system in accordance with claim 1, wherein thethree or more communication devices are members of an ad-hoc group, andat least one of the three or more communication devices is a group ownerfor the ad-hoc group.
 10. A system in accordance with claim 9, whereinthe ad-hoc group is used to distribute a social networking event.
 11. Amethod for managing secure communications in an ad-hoc network, saidmethod comprising: identifying a plurality of users to be included aspart of an ad-hoc network, each user being associated with at least onecommunication device, and having a set of keys associated with the userfor managing secure communications between the at least onecommunication device of the user and the at least one communicationdevice of another one of the plurality of users; authenticating theidentified plurality of users including exchanging public keys andverifying the identity of the plurality of users, where authenticatingfurther includes exchanging a value defining a share authority level;and determining whether a level of trust associated with the exchangedshare level authority enables a first user to provide peer key sharingof a public key of a second user with a third user, and if so, sharingby the first user the public key of the second user with the third user.12. A method in accordance with claim 11, wherein identifying aplurality of user includes identifying the devices that are adapted toperform autonomous connections.
 13. A method in accordance with claim11, wherein when exchanging public keys, the users that are exchangingthe public keys are located proximate to one another.
 14. A method inaccordance with claim 13, wherein when verifying the identity of theplurality of users after exchanging public keys, the user verifies anintegrity of a received public key by comparing an identicon produced bythe communication device using the received public key with theidenticon produced by the communication device of the user associatedwith the received public key using the same public key.
 15. A method inaccordance with claim 11, wherein when one of the plurality of users hasmore than one communication devices, each of the more than onecommunication devices associated with the same user share the same setof keys.
 16. A method in accordance with claim 15, wherein each of themore than one communication devices associated with the same user sharethe same set of keys when the more than one communication devicesassociated with the same user are proximate one another.
 17. A method inaccordance with claim 11, wherein when providing peer key sharing, thefirst user signs the public key of the second user, which is provided tothe third user.
 18. A method in accordance with claim 11, wherein one ofthe plurality of users included as part of the ad-hoc network is a groupowner.
 19. A method in accordance with claim 11, wherein the ad-hocgroup is used to distribute a social networking event.
 20. Acommunication device for use in an ad-hoc network providing securecommunications, said device comprising: a communication unit including areceiver, and a transmitter; a memory for storing one or more sets ofkeys including a public and private key of the user of the device,public keys for each of the other users forming the ad-hoc network, anda share authority level for one or more of the other users forming thead-hoc network, which define the authority of the user of thecommunication device relative to the respective one or more other usersfor providing peer key sharing with another user; and a processoradapted for identifying a plurality of users to be included as part ofthe ad-hoc network, authenticating the identified plurality of usersincluding exchanging public keys and verifying the identity of theplurality of users, and determining whether a level of trust associatedwith a received share level authority enables the user of thecommunication device to provide peer key sharing of a public keyrelative to the respective one or more other users for providing peerkey sharing with another user, and if so, sharing by the user the publickey of the one or more other users with another user.